<?php
// 仅当会话尚未启动时调用 session_start()
if (session_status() == PHP_SESSION_NONE) {
    session_start();
}

// 如果用户没有登录或角色不是 "admin"，则重定向到登录页面
if (!isset($_SESSION['role']) || $_SESSION['role'] !== 'admin') {
    header('Location: http://localhost/Library_management_system/index.php');
    exit();
}

// 数据库连接
$pdo = new PDO('mysql:host=localhost;dbname=library', 'root', '123456');

// 处理冻结/解冻请求
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $u_No = $_POST['u_No'];
    $action = $_POST['action']; // "冻结" 或 "正常"

    // 更新用户状态
    if ($action === '冻结') {
        $stmt = $pdo->prepare('UPDATE users SET state = "冻结" WHERE u_No = ?');
    } else {
        $stmt = $pdo->prepare('UPDATE users SET state = "正常" WHERE u_No = ?');
    }

    // 执行更新操作
    $stmt->execute([$u_No]);

    // 提示用户操作成功
    echo "<p>用户状态已更新！</p>";
}
?>

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>冻结/解冻用户</title>
</head>
<body>
    <h2>冻结/解冻用户</h2>
    <form method="POST">
        <label for="u_No">用户账号 (u_No):</label>
        <input type="text" name="u_No" required>

        <label for="action">操作:</label>
        <select name="action" required>
            <option value="freeze">冻结</option>
            <option value="unfreeze">解冻</option>
        </select>

        <button type="submit">提交</button>
    </form>
</body>
</html>
